Created by DJ Perrone
over 7 years ago
Question | Answer |
What is key stretching | Essentially key strengthening. It makes a weaker key stronger by sending it through another algorithm. |
What is hashing | Running data through a cryptographic function to produce a one-way message digest. |
Message Digest (MD) 2 Characteristics | - Widely used but slow - 128 Bit Hash Value - 18 Rounds of Computations |
Message Digest (MD) 4 Characteristics | - 128 Bit Hash Value - 3 Rounds of Computations |
Message Digest (MD) 5 Characteristics | - Should not be used for SSL - Should not be used for Digital Signatures - 128 Bit Hash Value - 4 Rounds of Computations |
Message Digest (MD) 6 | - Variable Hash - Variable Rounds of Computations |
How many Secure Hash Algorithm (SHA) versions are there? | 3 Total - SHA-0/1 - SHA-2 - SHA-3 |
SHA-0/1 Characteristics | - 160 Bit Hash - 80 Rounds of Computations - 512 Bit Blocks |
SHA-2 Family Characteristics | A family of hash functions. There are 6 different variations to this version. |
SHA-224 Characteristics | - 224 Bit Hash - 64 Rounds of Computation - 512 Bit Blocks |
SHA-256 Characteristics | - 256 Bit Hash - 64 Rounds of Computation - 512 Bit Blocks |
SHA-384 Characteristics | - 384 Bit Hash - 80 Rounds of Computation - 1024 Bit Blocks |
SHA-512 Characteristics | - 512 Bit Hash - 80 Rounds of Computation - 1024 Bit Blocks |
SHA-512/224 Characteristics | - 224 Bit Hash - 80 Rounds of Computation - 1024 Bit Blocks - 512 is the internal state size |
SHA-512/256 Characteristics | - 256 Bit Hash - 80 Rounds of Computation - 1024 Bit Blocks - 512 is the internal state size |
DES Characteristics | - Name: Digital Encryption Standard - Cipher Type: Block - Key Size: 64 Bits (56 effective) - Rounds: 16 - Block Size: 64 bits |
3DES Characteristics | - Name: Triple DES (3DES) - Cipher Type: Block - Key Size: 56, 112 or 168 bits - Rounds: 48 - Block Size: 64 bits |
AES Characteristics | - Name: Advanced Encryption Standard - Cipher Type: Block - Key Size: 128, 192 or 256 bits - Rounds: 10, 12 or 14 - Block Size: 128 bits |
IDEA Characteristics | - Name: International Data Encryption Algorithm - Cipher Type: Block - Key Size: 128 bits - Rounds: 8 - Block Size: 64 bits |
Skipjack Characteristics | - Name: Skipjack - Cipher Type: Block - Key Size: 80 bits - Rounds: 32 - Block Size: 64 bits |
Blowfish Characteristics | - Name: Blowfish - Cipher Type: Block - Key Size: 32 to 448 bits - Rounds: 16 - Block Size: 64 bits |
Twofish Characteristics | - Name: Twofish - Cipher Type: Block - Key Size: 128, 192 or 256 bits - Rounds: 16 - Block Size: 128 bits |
RC4 Characteristics | - Name: RC4 - Cipher Type: Stream - Key Size: 40 to 2048 bits - Rounds: Up to 265 - Block Size: N/A |
RC5 Characteristics | - Name: RC5 - Cipher Type: Block - Key Size: Up to 2048 bits - Rounds: Up to 255 - Block Size: 32, 64 or 128 bits |
RC6 Characteristics | - Name: RC6 - Cipher Type: Block - Key Size: Up to 2048 bits - Rounds: Up to 255 - Block Size: 32, 64 or 128 bits - Faster than RC5 |
What is an asymmetric algorithm? | A dual-key or public-key crypto. It uses a public and a private key. Public key is known by all and private key is known by owner. |
What does an asymmetric algorithm provide? | Confidentiality, integrity, authentication and non-repudiation |
What are some asymmetric algorithms? | Diffie-Hellman, RSA, El Gamal, ECC, Knapsack and Zero Knowledge Proof |
What is entropy? | Randomness collected by an application that is used in cryptography requiring random data. |
What is diffusion? | The process of changing the location of the plain text within cipher text. |
What is confusion? | The process of changing a key value during each round of encryption. Most often by substitution. |
What is non-repudiation? | Proof of the origin of data. |
What is confidentiality? | Ensures the data cannot be read except by the valid recipient. |
What is integrity? | Allowing valid recipients to verify data has not been altered. |
What is a wildcard certificate? | A certificate that can be used by multiple sub-domains of a domain. |
What is OCSP and how does it work? | OCSP - Online Certificate Status Protocol. It obtains the revocation status of an X.509 certificate via serial number. Accesses CRL on the CA. |
What is the CRL and how does it work? | CRL - Certification Revocation List. A list of certificates that the CA has revoked. |
What is an advantage of a stream cipher? | - Lower error of propagation - Generally used more in hardware - Same key for decryption and encryption - Cheaper to implement - Employ only confusion, not diffusion |
What is an advantage of a block cipher? | - Easier to implement - Less susceptible to security issues - Used in more software - Employ both confusion and diffusion |
What are the 5 modes of DES? | - Electronic Code Book (ECB) - Cipher Block Chaining (CBC) - Cipher Feedback (CFB) - Output Feedback (OFB) - Counter Mode (CTR) |
What is ECB? | - Electronic Code Book - Uses 64 bit blocks that can be padded. - Vulnerable, encrypted with same key |
What is CBC? | - Cipher Block Chaining - 64 bit blocks which are chained. - Encrypted cipher text block is applied to next block |
What is CFB? | - Cipher Feedback - 8 bit blocks and uses stream/block cipher - 8 bit block is fed into next block DES algorithm. - Do not use for VOX/Video |
What is OFB? | - Output Feedback - 8 bit blocks and uses stream/block cipher - Uses previous key stream to form next key stream |
What is CTR? | - Counter Mode - Uses increment counter which is fed into key stream - Each block has different key stream |
What are 4 3DES modes? | - 3DES-EEE3 - 3DES-EDE3 - 3DES-EEE2 - 3DES-EDE2 |
What is 3DES-EEE3? | - Blocks are encrypted 3 times with a different key |
What is 3DES-EDE3? | Block data is encrypted with the first key, decrypted with the second and encrypted with the third. |
What is 3DES-EEE2? | Each block of data is encrypted with the first key, encrypted with the second key and encrypted again with the first key |
What is 3DES-EDE2? | Each block of data is encrypted with the first key, decrypted with the second key and encrypted again with the first key |
What are some strengths of symmetric algorithms? | - 1000 to 10000 times faster than asymmetric - Hard to break - Cheaper to implement |
What are some weaknesses of symmetric algorithms? | - Number of unique keys makes it harder to manage - Secure key distribution is most important - Security compromised if one party is |
What are some strengths of asymmetric algorithms? | - Key distribution is easier to manage - Key management is easier due to everyone using same public key |
What are some weaknesses of asymmetric algorithms? | - More expensive to implement - 1000 to 10000 times slower than symmetric algorithms |
What is DRM? | Digital Rights Management - Controls use of digital content |
What is GPG? | GNU Privacy Guard - Used to protect electronic comms - Upgrade of PGP and uses AES |
What is PGP? | Pretty Good Privacy - Uses RSA for encryption - Web of trust for key management - Share public keys with everyone. |
What is SSL/TLS and what are two ways it can be implemented? | Secure Sockets Layer / Transport Layer Security - SSL Portal VPN - SSL Tunnel VPN |
What is an SSL Portal VPN? | - Where a user can have a single SSL connection to multiple services on a web server. - Once authenticated, user has access to other services |
What is an SSL Tunnel VPN? | Uses an SSL tunnel to access services on a server that is NOT a web server. |
Which SSL version must be used on client side authentication? | SSL-2 |
What is S/MIME? | Secure Multipurpose Internet Mail Extensions - Allows email to include attachments - S/MIME allows MIME to encrypt and digitally sign emails. - Provides confidentiality, integrity, authentication and non-repudiation |
What is diffusion? | The process of changing the location of plain text within cipher text. |
How is diffusion carried out? | Through transposition or permutation. This is the process of shuffling or reordering the plain text to hide original. |
What are some popular asymmetric algorithms? | Diffie-Hellman, RSA, El Gamal, ECC, Knapsack and Zero Knowledge Proof |
What are some popular symmetric algorithms? | DES, AES, IDEA, Skipjack, Blowfish, Twofish, RC4/RC5/RC6 and CAST |
What is key clustering? | When different encryption keys are used to generate the same cipher text from the same plain text. |
What is cryptanalysis? | The science of decrypting cipher-text without prior knowledge of the key or crypto system used. |
What is PFS and what is it used for? | Perfect Forward Secrecy. Increases the security for a VPN because it ensures the same key will not be generated by forcing a new key exchange. |